Windows XP/Server 2003 digital signature FAQ
Q: What is SHA-256 digital certificate signing?
A: In order for customers to verify the authenticity of an installation package, software distributors digitally sign their installers and installation files. Webroot has always followed this practice. Starting with Webroot version 9.0.27.64, Webroot will be digitally signed with a SHA-256 certificate only. SHA-256 is a more modern certificate format which provides better security and authenticity verification on the latest operating systems. Unfortunately, Windows XP and Server 2003 do not support this SHA-256 standard and will not be able to verify the signature prior to installation. However, installation to Windows XP and Server 2003 is still possible using installers that are only signed with SHA-256.
Q: Why is Webroot only signing with SHA-256 certificates?
A: The previous signing standard, SHA-1, has been deprecated industry wide in favor of the more secure SHA-256 standard. It is no longer possible to purchase SHA-1 certificates, so Webroot has no choice but to sign only with the more modern and more secure technology standard.
Q: What about operating systems other than Windows XP/Server 2003?
A: Vista, Server 2008, Windows 7 and Server 2008 RC systems will authenticate SHA-256 signatures provided these OS have all the latest Service Packs and updates. Windows 8 and Windows 10 will authenticate using SHA-256 out of the box.
Q: Is Webroot still secure?
A: Yes, Webroot signs and digitally validates all of our installer packages before release and will continue to do so.
Q: How can I validate a Webroot binary before installing?
A: It is possible to inspect and validate the Webroot installation package before installing, provided you use an OS that recognizes SHA-256. Windows 10 is recommended.
To view a digital signature, follow these steps:
Q: Where can I download a build that works on Windows XP/Server 2003?
A:
Home users: https://anywhere.webrootcloudav.com/zerol/wsafnl.exe
Business users: https://anywhere.webrootcloudav.com/zerol/wsasmefnl.exe
Q: What is SHA-256 digital certificate signing?
A: In order for customers to verify the authenticity of an installation package, software distributors digitally sign their installers and installation files. Webroot has always followed this practice. Starting with Webroot version 9.0.27.64, Webroot will be digitally signed with a SHA-256 certificate only. SHA-256 is a more modern certificate format which provides better security and authenticity verification on the latest operating systems. Unfortunately, Windows XP and Server 2003 do not support this SHA-256 standard and will not be able to verify the signature prior to installation. However, installation to Windows XP and Server 2003 is still possible using installers that are only signed with SHA-256.
Q: Why is Webroot only signing with SHA-256 certificates?
A: The previous signing standard, SHA-1, has been deprecated industry wide in favor of the more secure SHA-256 standard. It is no longer possible to purchase SHA-1 certificates, so Webroot has no choice but to sign only with the more modern and more secure technology standard.
Q: What about operating systems other than Windows XP/Server 2003?
A: Vista, Server 2008, Windows 7 and Server 2008 RC systems will authenticate SHA-256 signatures provided these OS have all the latest Service Packs and updates. Windows 8 and Windows 10 will authenticate using SHA-256 out of the box.
Q: Is Webroot still secure?
A: Yes, Webroot signs and digitally validates all of our installer packages before release and will continue to do so.
Q: How can I validate a Webroot binary before installing?
A: It is possible to inspect and validate the Webroot installation package before installing, provided you use an OS that recognizes SHA-256. Windows 10 is recommended.
To view a digital signature, follow these steps:
- Download the installer
- Right click the file and select Properties
- On the Properties dialog, click the Digital Signatures tab
- In the Signature list, for Webroot files, you will see:
- Name of signer: Webroot, Inc.
- Digest algorithm: sha256
- Timestamp: This will vary based on when the build is created
- Select the entry in the Signature list and use the Details button to access more information about the certificate, including its expiration date.
Note: Files signed before the certificate expires are still valid after the expiration date.
Q: Where can I download a build that works on Windows XP/Server 2003?
A:
Home users: https://anywhere.webrootcloudav.com/zerol/wsafnl.exe
Business users: https://anywhere.webrootcloudav.com/zerol/wsasmefnl.exe
Thanks for your feedback!
Powered by noHold, Inc. U.S. Patent No. 10,659,398
All Contents Copyright© 2024